Home / Linux / Shell Script Development

Bash script to check if a domain or list of domains can be spoofed based in DMARC records

SpoofThatMail Bash script to check if a domain or list of domains can be spoofed based in DMARC records File with domains: sh SpoofThatMail.sh -f doma
Information
Category: Linux / Shell Script Development
Watchers: 2
Star: 7
Fork: 2
Last update: Jan 9, 2022
Resource links
https://github.com/v4d1/SpoofThatMail

SpoofThatMail

Bash script to check if a domain or list of domains can be spoofed based in DMARC records

File with domains:

sh SpoofThatMail.sh -f domains.txt

One single domain:

sh SpoofThatMail.sh -d domain

alt text

0 Open More issues
Closed

Fix Regular Expression

FIX: "v=DMARC1; sp=reject; p=none" will incorrectly result in "NOT vulnerable"

opened Jan 12, 2022 by freddieleeman 3
Closed

Refactor script

Check the correct number of parameters have been passed, if not, a help message will be displayed. The same will happen if unrecognised parameters are passed.

Make use of bash functions to reduce code duplication and better structure the script

opened Jan 9, 2022 by rsf92 3
Closed

alallala

null

opened Jan 14, 2022 by nareshvellore 1
Closed

Fix to allow whitespace

Use regular expression to allow whitespace around the "=" symbol to follow RFC7489 ABNF.

dmarc-request = "p" *WSP "=" *WSP ( "none" / "quarantine" / "reject" )

opened Jan 12, 2022 by freddieleeman 1
Closed

Revert "Fix to allow whitespace"

Reverts v4d1/SpoofThatMail#2

opened Jan 12, 2022 by v4d1 0
Closed

Revert "Fix Regular Expression"

Reverts v4d1/SpoofThatMail#3

opened Jan 12, 2022 by v4d1 0
Open

Enabled interpretation of new-line (\n) in multiple instances of echo!

Implemented a fix for the issue #6!

opened Jan 15, 2022 by TheBinitGhimire 0
Open

Help newlines not escaped 

$ ./SpoofThatMail.sh 

███████╗██████╗  ██████╗  ██████╗ ███████╗                          
██╔════╝██╔══██╗██╔═══██╗██╔═══██╗██╔════╝                          
███████╗██████╔╝██║   ██║██║   ██║█████╗                            
╚════██║██╔═══╝ ██║   ██║██║   ██║██╔══╝                            
███████║██║     ╚██████╔╝╚██████╔╝██║                               
╚══════╝╚═╝      ╚═════╝  ╚═════╝ ╚═╝                               
                                                                    
████████╗██╗  ██╗ █████╗ ████████╗    ███╗   ███╗ █████╗ ██╗██╗     
╚══██╔══╝██║  ██║██╔══██╗╚══██╔══╝    ████╗ ████║██╔══██╗██║██║     
   ██║   ███████║███████║   ██║       ██╔████╔██║███████║██║██║     
   ██║   ██╔══██║██╔══██║   ██║       ██║╚██╔╝██║██╔══██║██║██║     
   ██║   ██║  ██║██║  ██║   ██║       ██║ ╚═╝ ██║██║  ██║██║███████╗
   ╚═╝   ╚═╝  ╚═╝╚═╝  ╚═╝   ╚═╝       ╚═╝     ╚═╝╚═╝  ╚═╝╚═╝╚══════╝ by securihub.com 
                                                                 

Wrong execution\n
Accepted parameters:\n
Use -d along with a domain name, example sh SpoofThatMail.sh -d domain.com
Null string will be detected and ignored\n
Use -f along with a file containing domain names, example sh SpoofThatMail.sh -f domains.txt
Note that the path provided for the file must be a valid one\n

diff --git a/SpoofThatMail.sh b/SpoofThatMail.sh
old mode 100644
new mode 100755
index 80e2397..2e7e05b
--- a/SpoofThatMail.sh
+++ b/SpoofThatMail.sh
@@ -6,11 +6,11 @@ YELLOW='\033[1;33m'
 NC='\033[0m' # No Color
 
 help () {
-	echo "Accepted parameters:\n"
-	echo "Use -d along with a domain name, example sh SpoofThatMail.sh -d domain.com"
-	echo "Null string will be detected and ignored\n"
-	echo "Use -f along with a file containing domain names, example sh SpoofThatMail.sh -f domains.txt"
-	echo "Note that the path provided for the file must be a valid one\n"
+	echo -e "Accepted parameters:\n"
+	echo -e "Use -d along with a domain name, example sh SpoofThatMail.sh -d domain.com"
+	echo -e "Null string will be detected and ignored\n"
+	echo -e "Use -f along with a file containing domain names, example sh SpoofThatMail.sh -f domains.txt"
+	echo -e "Note that the path provided for the file must be a valid one\n"
 }
 
 check_url () {
@@ -20,17 +20,17 @@ check_url () {
 	output=$(nslookup -type=txt _dmarc."$domain")
 	case "$output" in
 		*p=reject*)
-			echo "$domain is ${GREEN}NOT vulnerable${NC}"
+			echo -e "$domain is ${GREEN}NOT vulnerable${NC}"
 		;;
 		*p=quarantine*)
-			echo "$domain ${YELLOW}can be vulnerable${NC} (email will be sent to spam)"
+			echo -e "$domain ${YELLOW}can be vulnerable${NC} (email will be sent to spam)"
 		;;
 		*p=none*)
-			echo "$domain is ${RED}vulnerable${NC}"
+			echo -e "$domain is ${RED}vulnerable${NC}"
 			retval=1
 		;;
 		*)
-			echo "$domain is ${RED}vulnerable${NC} (No DMARC record found)"
+			echo -e "$domain is ${RED}vulnerable${NC} (No DMARC record found)"
 			retval=1
 		;;
 	esac
@@ -49,7 +49,7 @@ check_file () {
 			check_url $line
 			VULNERABLES=$((VULNERABLES=VULNERABLES+$?))
 		done < $input
-		echo "\n$VULNERABLES out of $COUNTER domains are ${RED}vulnerable ${NC}"
+		echo -e "\n$VULNERABLES out of $COUNTER domains are ${RED}vulnerable ${NC}"
 
 }
 
@@ -73,7 +73,7 @@ main () {
 
 }
 
-echo "
+echo -e "
 ███████╗██████╗  ██████╗  ██████╗ ███████╗                          
 ██╔════╝██╔══██╗██╔═══██╗██╔═══██╗██╔════╝                          
 ███████╗██████╔╝██║   ██║██║   ██║█████╗                            
@@ -90,7 +90,7 @@ echo "
                                                                  
 "
 if [ $# != 2  ];then
-	echo "Wrong execution\n"
+	echo -e "Wrong execution\n"
 	help
 	exit 0
 fi
opened Jan 12, 2022 by klikevil 3

Contents

    grahamhelton Spoofpoint is a domain monitoring tool that allows you to generate domains names one character off of your domain that could have been registered by an attacker attempting to get a domain that looks like yours
    nikita-skobov A bash script designed to create other bash scripts with argument parsing
    adem-pelit HTML cv oluşturuan bash script algoritması
    alexanderepstein A drop in bash script that can be added to any bash application/CLI to automate updating
    mavieth Check WHOIS information for a list of domains
    realvincentuche Search bulk domains with your favorite domain extensions
    zombieleet bash script that implements few asynchronous functions
    spatie Retrieve DNS records
    orslumen Cache Active Model Records in Rails 3
    riobard Powerline-style Bash prompt in pure Bash script. See also https://github.com/riobard/zsh-powerline
    niieani Bash Infinity is a modern boilerplate / framework / standard library for bash
    posener bash completion written in go + bash completion for go command
    felipebhz A tool created with Python to check if a domain's DNS is already pointing to an specific IP address.
    tomsoderlund Hosting multiple domains on the same Next.js site (while maintaining multiple languages and SSG)
    Har-Kuun A domain name bulk search bot with support of over 200 top-level domains.
    zombieleet A unit testing framework written in bash for bash scripts
    eldraco Analyze the security of any domain by finding all the information possible. Made in python.
    andreafabrizi Dropbox Uploader is a BASH script which can be used to upload, download, list or delete files from Dropbox, an online file sharing, synchronization and backup service.
    jiachenwestlake Multi-cell compositional LSTM for NER domain adaptation, code for ACL 2020 paper
    jeremykendall Public Suffix List based domain parsing implemented in PHP
    fatihes1 Bash script programming - GUI for wget command
    Share this repo

    Related Repos


    Shell Script Develop
    11
    Bash script programming - GUI for wget command
    fatihes1 GUI Bash Script --wget Click here for English README. Bash script programming - GUI for wget command 🎥 Kodların anlatımı ve script dosyasının kullanı
     
    Shell Script Develop
    10
    Zenity ve Whiptail kullanılarak oluşturulmuştur.
    ceydatekin Linux Shell Programlama Projesi : TO DO LIST Linux shell script, whiptail ve Zenity kütüphanesi ile yazılan, basit TO DO LIST programıdır. Programın Y
     
    Shell Script Develop
    6
    Zenity ve bash script kullanarak yazılmış, wget komutu ile web'den dosya indirmeye yarayan...
    selcuksan Zenity-App Zenity ve bash script kullanarak yazılmış, wget komutu ile web'den dosya indirmeye yarayan uygulamadır. Zenity nedir * Zenity çeşitli
     
    Shell Script Develop
    5
    HTML cv oluşturuan bash script algoritması
    adem-pelit CV-with-bash-Script HTML cv oluşturan bash script algoritması Bash Script Nedir Bash script Linux üzerinde çalışan kabuk programlama arayüzüdür. Final
     
    Shell Script Develop
    3
    Zenity ve Bash kullanarak yaptığım CV oluşturma uygulaması
    hakanakdogan Bursa Teknik Üniversitesi Bilgisayar Mühendisliği Bölümü 3. Sınıf Linux Araçları ve Kabuk Programlama Dersi Dönem Projesi Proje Hakkında: Bu uygulama,
     
    Shell Script Develop
    7
    Bash script to check if a domain or list of domains can be spoofed based in DMARC records
    v4d1 SpoofThatMail Bash script to check if a domain or list of domains can be spoofed based in DMARC records File with domains: sh SpoofThatMail.sh -f doma
     
    Shell Script Develop
    10
    Simplify and beautify bash scripts
    Deleh sf – script framework script framework can be used to simplify and beautify bash scripts. It provides: Argument parsing Usage output Output functions
     
    Shell Script Develop
    215
    A purely bash web server, no socat, netcat, etc...
    dzove855 Bash-web-server A purely bash web server, no socat, netcat, etc... Requirement bash 5.1 loadable accept builtin (http://git.savannah.gnu.org/cgit/bash
     
    Shell Script Develop
    4
    Automação do metasploit feita em bash
    Josh-Washington ​ Metasploit Automation Ⓜ️ uma simples automação feita em shell bash ​ INÍCIO • apt update • apt upgrade • apt install git ​ INSTALAÇÃO 💻 • git cl
     
    Shell Script Develop
    3
    Bash script to build awesomewm on Solus.
    anhsirk0 Bash script to build awesomewm on Solus Installation git clone https://github.com/anhsirk0/solus-awesome.git Usage cd solus-awesome make the script ex
     
    Shell Script Develop
    71
    Bring bash to the next level
    mauro-balades bash ++ This is a framework to bring bash to a next level. Check out the examples » Project status · Report Bug · Contribute code Index What is bash++
     
    Shell Script Develop
    2.7k
    A bash-tool to store your private data inside a git repository.
    sobolevn git-secret What is git-secret? git-secret is a bash tool which stores private data inside a git repo. git-secret encrypts files with permitted users'
     
    Shell Script Develop
    34
    lf.sh is a Bash utility to help you quickly search arbitrary files or search text from fil...
    suewonjp ☕ DESCRIPTION lf.sh is a Bash utility to help you quickly search arbitrary files or search text from files. It's more convenient and intuitive to use
     
    Shell Script Develop
    19
    Path bookmarking for bash. I use this extensively throughout my day.
    pedramamini Lazy Change Directory Simple bash commands for bookmarked navigation of the file system, complete with bash-completion. Usage: acd <mark> add a mark.
     
    Shell Script Develop
    1.3k
    A web server written in bash
    avleen bashttpd is a simple, configurable web server written in bash Requirements bash, any recent version should work socat or netcat to handle the underlyi